(57) Abstract: A system and method of authenticating users and data. One embodiment of the invention includes a smart card (100) 
that digitally signs a message in response to authenticating biometric information that is provided by a user. The smart card (100) 
may include a random number generator (204) and an encryption module (208). In an enrollment mode, the biometric data analyzer 
(200) receives biometric data (216) from a user and triggers the random number generator (204) to create a public key (220) and a 
private key (224). The private key (224) is stored in a tamper-resistant component on the smart card (100). The public key (220) is 
transmitted to an external device, such as a computer, via a card reader interface (130). During a signing mode, the smart card (100) 
digitally signs incoming messages subsequent to verifying the biometric information (216) that is provided by the user. 

Field of the Invention 

The invention relates to the conversion of physical or biological signatures into digital 
signatures. More particularly, the invention relates to generating digital signatures using biometric 
identification. 

Description of the Related Technology 

Physical signatures are becoming an anachronism in the electronic world and the process 
of verifying pen-and-ink signatures, photographs or fingerprints on paper or other materials is 
costly and error-prone. At least with physical documents, however, the signer retains the basic 
"contextual controls" of document preparation and physical delivery. On a digitally signed 
electronic document, on the other hand, a signer controls only the encoded signature. All time, 
place and manner controls are absent, and nothing distinguishes a valid user signature from one 
fraudulently produced by another user who somehow obtained the first user's data, algorithms and 
keys. 

Public-key cryptography is a computer security technology that can support the creation of 
electronic document systems, providing that the user's digital signature on an electronic document, 
i.e., the user's electronic authentication and verification of the electronic document, can be given 
sufficient practical and legal meaning. 

These systems have enormous commercial significance because, in many cases, large cost 
reductions can be realized over current paper transaction procedures. This improvement is 
sufficiently dramatic that many organizations are, for economic and competitive reasons, 
compelled to use them once their practicality has been demonstrated. 

Disadvantageously, known systems do not allow for authentication of messages using 
biometric information. Biometrics is the measure of an individual's body or behavior in order to 
identify or verify the individual's identity. Biometrics provides for new ways to identify a user 
with his fingerprint, voiceprint, iris scan, facial picture, hand geometry or various other unique 
features of his body or behavior. Biometric measurement data, albeit subject to statistical 
variations, is nevertheless conventionally used to verify the identity of individuals. Typical 
methods used are based on statistical hypothesis testing where an individual's biometric 
measurements are stored at the time of "enrollment". Then, during "verification", biometric 
measurements are taken again and compared to the stored measurements. Various algorithms can 
be used to convert the measurements into mathematical representations and accept a range of 
biometric data. This conversion and statistical analysis is used because sequential biometric 
measurements have a range for any one individual, especially when taken at different times and 
places using even slightly different equipment. 

There is a need for new and improved systems for authenticating messages. The system 
should analyze biometric information as provided by the user as part of the authentication process. 
The system should also include features to safeguard the keys that are used in the authentication 
process. 



Brief Description of the Drawings 
Figure 1 is a block diagram illustrating certain components of a smart card embodiment of 
a portable encryption device. 

Figure 2 is a block diagram illustrating the functional modules and data involved in an 
enrollment process that is performed by the smart card of Figure 1. 
Figure 3 is a block diagram illustrating the functional modules and data involved in a 
signing process that is performed by the smart card of Figure 1. 

Figure 4 is a flowchart illustrating an exemplary process of registering biometric 
information with the portable encryption device of Figure 1. 

Figure 5 is a flowchart illustrating an exemplary process of generating and authenticating a 
message using the portable encryption device of Figure 1. 


Summary of the Certain Inventive Aspects 
One aspect of the invention comprises a method of generating a digital signature, the method 
comprising: generating public and private keys on a secure device, storing biometric information 
indicative of a user on the secure device, receiving biometric information indicative of the user, 
and comparing the stored biometric information with the received biometric information on the 
secure device, and if the comparison is successful, generating a digital signature for a message. In 
one embodiment, the secure device is portable. Furthermore, in one embodiment of the invention, 
the secure device is a smart card. 

Another aspect of the invention comprises a method of generating a digital signature, the 
method comprising registering biometric information in a secure device and generating public and 
private keys on the secure device in conjunction with the biometric information. The digital device 
may include a unique device identifier which is used for key generation. 

Yet another aspect of the invention comprises a secure device for generating a digital 
signature, the device comprising: a module for generating public and private keys on a secure 
device, a module for storing biometric information indicative of a user on the secure device, a 
stored biometric information with the received biometric information on the secure device, and if 
the comparison is successful, generating a digital signature for a message. 



The following detailed description is directed to certain specific embodiments of the 
invention. However, the invention can be embodied in a multitude of different ways as defined 
and covered by the claims. 

Figure 1 illustrates an exemplary smart card 100 that may be used to verify biometric 
information and sign a data item. Although the following text describes the use of a smart card 
100, the processes that are performed by the smart card 100 can be integrated with any type of 
portable electronic device, for example a wireless handheld device. Furthermore, it is noted that 
the portable electronic device can comprise software, hardware, or a combination thereof. The 
smart card 100 receives the biometric information via a biometrics interface 110 and then 
processes the biometric information with a biometrics processor 114. The smart card 100 also 
includes a central processing unit (CPU) 118, a random access memory/read only memory 
(RAM/ROM) 122, a cryptosystem 126, and a card reader interface 130. The cryptosystem 126 
may include an electrically erasable programmable read only memory (EEPROM) 134 and a 
cryptosystem processor 138. The EEPROM 134 may contain a unique identifier, e.g., card serial 
number, associated with the smart card 100 which may be used in key generation. These various 
components may communicate over a shared bus. It is noted that, depending on the embodiment, 
other hardware configurations may be used. For example, in one embodiment, the biometrics 
processor 114, the CPU 118, and the cryptosystem processor 138 can be integrated into a single 
processor. 

Figure 2 is a block diagram illustrating the process flow of the smart card 100 during an 
enrollment mode. Figure 2 also illustrates certain functionalities that may be embodied as software 
modules that are executed by the hardware shown in Figure 1. Insofar as functionality, the smart 
card 100 comprises a biometric data analyzer 200, a random number generator 204, an encryption 
module 208, and a one-way hash function 212. The biometric data analyzer 200, the random 
number generator 204, the encryption module 208 and the one-way hash function 212 may be 
implemented in either hardware or software. In one embodiment, the biometric data analyzer 200 
is associated with the biometrics processor 114 and functions 204, 208 and 212 are associated with 
the cryptosystem 138. 

In one embodiment of the invention, the biometric data analyzer 200 executes on the 
biometrics processor 114 (Figure 1). In the enrollment mode, the biometric data analyzer 200 
receives biometric data 216 from a user and triggers the random number generator 204 to create a 
public key 220 and a private key 224. The private key 224 is stored in a tamper-resistant 
component on the smart card 100. The public key is transmitted to an external device, such as a 
computer, via the card reader interface 130. 

In one embodiment, once a set of biometric parameters is selected, a graphical distribution 
of identifications is made in n-dimensions. Registration is conducted against known templates in 
dependence upon the selected parameters. 

Once registration is complete, a single point is determined having coordinates equal to 
each of at least some of the registration results. Alternatively, the point has coordinates 
determined in dependence upon the registration results but not equal thereto. Plotting the point 
results in a point plotted in n-dimensional space. The biometrics processor 114 then determines a 
probability distribution for the selected parameters. Alternatively, this is performed prior to the 
registration process for biometric information samples. Further, alternatively the probability 
distributions are determined or approximated in advance and stored in non-volatile memory such 
as ROM 122. 

Figure 3 is a block diagram illustrating the process flow of the smart card 100 during a 
signing mode. In the signing mode, a clear message 230 is transmitted to the smart card 100 via 
the card reader interface 130 (Figure 1). For authentication purposes, as is explained in further 
detail below, the one-way hash function 212 creates a message digest 232 based upon the content 
of the clear message 230. The encryption module 208 then encrypts the message digest with the 
private key 224 to create a digital signature 234. The digital signature 234 is then appended to the 
clear message 230, and is transmitted to an external device, such as a computer via the card reader 
interface 130. 

Before any message is sent, the user must re-provide the biometric data 216 for user 
verification. Given an n-dimensional plot defined by a boundary function and a single point, a 
comparison determines whether or not the point falls below or above the function and optionally 
within or outside other known ranges. Stated differently, the point is analyzed to determine 
whether it falls within a suitable region wherein region is defined as an n-dimensional region 
having at least some known boundaries. When the point falls within a predetermined or suitable 
region, the individual is identified. When the point falls outside the predetermined or suitable 
region, the individual is not identified. 

In another approach, actual features are computed from the measurements and combined to 
a vector of feature values, called a feature set. For a comparison of two biometric data only the two 
feature sets are compared. To compare two feature sets, each feature is compared and weighted 
separately. To find good weightings for this comparison can be difficult, and an artificial neural net 
approach may be used for this purpose. The arithmetic differences between each two 
corresponding features from all features of the feature sets are calculated and fed into the neural net. 
There they are weighted internally and an output is calculated which gives a value to be interpreted 
as the probability whether the two sets match. A well-trained neural net can classify not only sets 
used during training but also novel sets presented the first time. Once the neural net is trained and 
the acceptable range of output values is determined the identification can readily be made. If the 
output falls within this range, the individual is identified, if it is outside the range, the individual is 
not identified. 

Although current biometric devices and algorithms based on these approaches now 
routinely achieve acceptable levels of false acceptance, false rejection and failure to enroll rates, a 
limitation of all biometric devices remains the possibility for a fraudulent user to capture and fake 
the input device or to access and replay the biometric data channels. To overcome this limitation, 
the smart card 100 converts the biometric data 216 into a digital signature 234 in a tamperproof 
way. 

There are two types of cryptographic systems in which digital signatures have been used: 
symmetric and asymmetric cryptosystems. In symmetric (conventional) cryptography the sender 
and recipient of a communication share a secret key. This key is used by the sender, the originator 
of a communication, to encrypt the message and by the recipient of the communication to decrypt 
the message. It may also be used by the recipient to authenticate a message by having the sender 
use the secret key to compute some function such as a Message Authentication Code (MAC) based 
upon the message; the recipient thus can be assured of the identity of the originator, because only 
the sender and the recipient know the secret key used to compute the MAC. DES is an example of 
a symmetric cryptosystem. 

In asymmetric (public key) cryptography different keys are used to encrypt and decrypt a 
message. Each user is associated with a pair of keys. One key (the public key) is publicly known 
and is used to encrypt messages destined for that user, and the other key (the private key) is known 
only to that user and is used to decrypt incoming messages. Since the public key need not be kept 
secret, it is no longer necessary to secretly convey a shared encryption key between 
communicating parties prior to exchanging confidential traffic or authenticating messages. RSA is 
the most well known asymmetric algorithm. 

A digital signature, however, is a block of data appended to a message data unit, and 
allows the recipient to prove the origin of the message data unit and to protect it against forgery. 
Some asymmetric algorithms, e.g., RSA, can also provide authentication and non-repudiation 
through use of digital signatures. In order to sign data, the sender encrypts the data under his own 
private key. In order to validate the data, the recipient decrypts it with the sender's public key. If 
the message is successfully decrypted using the sender's public key, the message must originally 
have been encrypted by the sender, because the sender is the only entity that knows the 
corresponding private key. Using this method of signing documents, the encrypted message is 
bound to the signature, because the recipient cannot verify the message without decrypting the 
signature data block. The signature-encrypted message can then be encrypted to the recipient using 
the recipient's public key, as usual. 

Digital signatures may also be formed using asymmetric encryption. To sign a message, 
the message is first digested (hashed) into a single block using a one-way hash function. Briefly, a 
typical one-way hash function, denoted H(M), operates on an arbitrary-length block of text or 
message M. The one-way hash function returns a fixed-length hash value, h, such that h = H(M), 
where h is of length m. One-way hash functions have special characteristics that make them 
one-way. Given M, for example, it is easy to compute h. Given h, it is hard to reverse the hashing 
process and to compute M such that H(M) = h. Further, it is very difficult to find another message, 
M', such that H(M) = H(M'). In essence, a one-way hash function has the property that, given the 
digest, it is computationally extremely difficult to construct any message that hashes to that value 
or to find two messages that hash to the same digest. The digest is then encrypted with the user's 
private key, and the result is appended to the encrypted or unencrypted message as its signature. 
The recipient uses the sender's public key to decrypt the signature into the hash digest. The 
recipient also digests (hashes) the message, which has been received either unencrypted or 
encrypted and then decrypted by the recipient, into a block using the same one-way hash function 
used by the sender. The recipient then verifies the sender's signature by checking that the decrypted 
hash digest is the same as the hashed message digest. 

Separating the signature from the message in this way, i.e., not requiring the sender and 
recipient to encrypt and decrypt the entire message in order to verify the signature, greatly reduces 
the amount of data to be encrypted. This can be advantageous because public key algorithms are 
generally substantially slower than conventional algorithms, and processing the entire message in 
order to verify a signature requires a significant amount of time. The signature process also 
introduces redundancy into the message, which, because the message must hash to the specified 
digest, allows the recipient to detect unauthorized changes to the message. 

A digital signature provides the security services of (a) integrity, because any modification 
of the data being signed will result in a different digest and thus a different signature; (b) origin 
authentication, because only the holder of the private key corresponding to the public key used for 
validation of the signature could have signed the message; and (c) non-repudiation, as irrevocable 
proof to a third party that only the signer, and not the recipient or its employees, could have created 
the signature. A symmetric secret key authenticator does not provide these services, since either of 
thereafter be used in a cryptographic system for enforcing security policies and authorization 
requirements in a manner that reduces risks to the users. 

The biometrics processor 114, the CPU 118, and the cryptosystem processor 138, may be 
any suitable central processing unit for executing commands and controlling the smart card 100. 
The RAM portion of the RAM/ROM 122 serves as storage for calculated results and as stack 
memory. The ROM portion of the RAM/ROM 122 stores the operating system, fixed data, 
standard routines, and look up tables. Non-volatile memory (such as EPROM or EEPROM), e.g., 
EEPROM 134, serves to store information that must not be lost when the card is disconnected from 
a power source but that must also be alterable to accommodate data specific to individual cards or 
any changes possible over the card lifetime. This information can include the private key 224 and 
biometric measurement templates and can include the public key 220, a card serial number, a 
personal identification number, biometric standards or limits, authorization limits, etc. The 
encryption module 208 is used for performing a variety of encryption algorithms. The random 
number generator 204 is used to generate random keys used in the encryption algorithms. The 
biometrics interface 110 (Figure 1) is used to receive biometric data. By way of example the 
biometrics interface 110 may provide a contact device or an optical device to perform a finger scan 
or image, an iris scan or image, a retina scan or image or to determine the geometry of a hand or a 
face. The biometrics interface may also provide a microphone to perform a voice or speaker 
analysis and verification. The biometrics interface may also provide a keyboard to perform key 
stroke dynamic analysis or a contact to perform stroke or writing dynamic analysis and 
verification. The biometric data analyzer 200 is used for performing various biometric data 
analysis, identification and verification algorithms. The card reader interface 130 includes the 
software and hardware necessary for communication with the outside world. A wide variety of 
interfaces are possible. By way of example, the card reader interface 130 may provide a contact 
interface, a close-coupled interface, a remote-coupled interface, or a variety of other interfaces. 
With a contact interface, signals from the card are routed to a number of metal contacts on the 
outside of the card which come in physical contact with similar contacts of a card reader device. 
Depending on the application, the biometrics interface 110 can be separated from or combined 
with the card reader interface 130. 

In one embodiment, the smart card 100 includes components to perform the functions of 
biometric data analysis, random key generation, one-way hash function to generate a message 
digest, and encryption using a private key to generate a cipher text from a clear text. 
a message sent by the user. 



The hash digest is encrypted with a private key which is randomly generated by the card when the 
biometrics registration process performed by the card is complete. 

The generation of random private and public keys can utilize well known algorithms and 
calculations to create the public and private keys. In the case of RSA, the encryption operation 
selects two prime numbers p and q and an exponent e which is relatively prime to 
(p-1)(q-1). The private key is the composite number n = p * q and the exponent e. To speed up the 
RSA algorithm, three common choices for e are 3, 17 and 65537. 

The public key is the composite number n and the exponent d, so that e * d is congruent to 
1 modulo (p-1)(q-1). The calculation of d is straightforward using the extended Euclidean 
algorithm. 

A simple algorithm to generate the public and the private key on the card module runs as 
follows: first generate two large random prime numbers p and q and choose e among 3, 17 and 
65537 so that e is relatively prime to (p-1)(q-1); if not possible repeat the random prime numbers 
generation until two suitable primes are found; then calculate n and d. The generation of the two 
random prime numbers p and q can be achieved by using standard algorithms to generate probable 
primes with an acceptable very low probability of error, such as the Miller-Rabin algorithm, or 
provable primes, such as the Maurer's algorithm. 

Various other algorithms are currently used for efficient asymmetric cryptography. In the 
Rabin algorithm one has to choose first two primes p and q congruent to 3 modulo 4. These primes 
are the private key, the product n = p * q is the public key. 

In the ElGamal algorithm to generate a key pair, one has to choose a prime p and two 
random numbers g and x such that both numbers g and x are less than p. The private key is x, the 
public key is g exp x modulo p, g and p. 

It is clear that in all these cases the private and public keys can be generated by the 
cryptosystem processor 138 by generating random integers and prime numbers and performing 
relatively simple and rapid tests and calculations. 

The advantage of this approach is that nobody, even the user, is able to know the private 
key 224. The private key 224 is generated only when the biometric template data for the biometric 
registration is complete. The private key 224 is embedded into a tamperproof portion of the smart 
card 100 and is therefore inaccessible to any outside user. 

The public key 220 is usually transmitted with a digital certificate. A digital certificate is a 
data package that completely identifies an individual and is issued by a certification authority only 
after that authority has verified the individual's identity. The data package includes the public key 
that belongs to the individual. When the sender of a message signs the message with his private 
key, the recipient of the message can use the sender's public key (retrieved from the certificate 
either sent with the message or available elsewhere on the network) to verify that the sender is 
legitimate. A certificate can also be used to send an encrypted message to the certificate owner by 
using the public key contained in the certificate. 

The public key 220 generated by the smart card 100 can be used to generate a digital 
certificate by a certification authority. For example every smart card can be identified by a serial 
number. The certification authority can maintain records identifying which smart card 100 has 
been attributed to which individual and receive the public key corresponding to said smart card and 
said associated user upon the biometrics registration process. 

As an example, the X.509 protocol defines the following structure for public-key 
certificates, and can be used directly with the smart card data: 

Serial Number 
Version 
Signature Algorithm 
Issuer Name 
Period of Validity 
    1. Not Before Date 
    2. Not After Date 
Subject Name 
Subject's Public Key 
    • Algorithm 
    • Public Key 
Extensions 
Signature 

The version field identifies the certificate format. The serial number is unique to the smart 
card 100. The signature algorithm identifies the algorithm used to sign the certificate. The issuer 
field contains the name of the certification authority. The period of validity field includes a pair of 
dates that identifies the period of time that the certificate is valid. The subject field stores the name 
of the user to whom the certificate is issued. The subject's public key field includes the algorithm 
name and the public key itself. The last field contains the certification authority's signature. 

In one embodiment of the invention, generation of the digital signature requires the 
combination of receipt of individual specific biometric data and the card specific private key. No 
one, even the user or the card manufacturer, is able to produce a second card generating the same 
private key. The smart card 100 is unique and specific to the user. 



WO 02/073877    PCT/US02/07517 

One of the advantages of the smart card 100 is that it safeguards against forgery in case of 
loss of the card or attempts to duplicate the smart card 100. First, the smart card 100 is useless 
without its user. Second, the duplication of the smart card 100, even with the knowledge of the 
user's biometric data does not allow the generation of the same private key and the same signature. 
Only the combination of the unique smart card and its corresponding specific accurate biometric 
data allows the generation of the digital signature. 

The device provides for a novel way to generate a digital signature, which is unique, 
cannot be duplicated, even by the user or the manufacturer, and requires the user's specific 
biometric data in all cases. By requiring the physical presence of the individual and the device to 
generate the digital signature it provides for a contextual control of the signature, which is 
equivalent or even superior in many ways to controls currently applied on physical or biological 
signatures and used in today's legal and administrative world. 

A device according to the present invention utilizes a biometrics authentication procedure 
to generate a digital signature. In the disclosed embodiment of the invention, the token or smart 
card is used in two different ways, i.e., in an enrollment mode or in a signing mode. Figure 4 is a 
flowchart illustrating an exemplary process of registering biometric information received from a 
user in the enrollment mode. Figure 5 is a flowchart illustrating an exemplary process of 
authenticating a message in the signing mode. It is to be appreciated that depending on the 
embodiment, additional states may be added, others removed, and the ordering of the states may be 
rearranged. 

Referring to Figure 4, at a state 400, in the "enrollment" or "registration" mode the smart 
card 100 uses the biometrics data analyzer 200 to register biometrics templates coming through the 
biometrics interface 110. Next, at a state 404, after completion of the biometrics registration 
procedure, the smart card 100 generates, via the random key generation module 204, the private 
key 224. Moving to a state 408, the smart card 100 generates the public key 220. The private key 
224 is stored in the card non-volatile memory, such as EEPROM 134, and remains unknown to the 
user, whereas the public key 220 is communicated to the user and his correspondents through the 
card reader interface 130 and any subsequent communication channel. 



Continuing to a state 412, the public key 220 can be provided to the correspondents by a 
certification authority along with a digital certificate. The certification authority assigns to the 
smart card 100 a specific serial number that is specific to an individual and certifies the 
corresponding public key 220 after successful enrollment by the individual. 

Referring now to Figure 5, at a state 504, in the "signing" mode a message 230 is 
downloaded from a computer into the smart card 100 through the card interface 130 and processed 
with the one-way hash function 212 to generate a message digest D = H (M). Next, at a state 506, 
interface 110 and verified by the 
biometric data analyzer 200. It is to be appreciated that the biometric information may optionally 
be received concurrently with or before the receipt of the message. 

Continuing to a decision state 508, if the biometric data 216 is identified (and the identity 
of the user is authenticated), the process proceeds to a state 512, wherein a message digest for the 
message is created. Otherwise, if the biometric data 216 is not identified, the process ends. 

From state 512, the process proceeds to a state 516 wherein the message digest is 
encrypted by the encryption module 208 on the card 100 using the private key 224. The result is an 
encrypted message digest that is the digital signature 234 for the message 230. This digital 
signature 234 is added to the message 230. Proceeding to a state 520, the message is sent back to a 
computer for further processing and communication. 
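
The enrollment and signing modes of Figures 4 and 5, together with the RSA key-generation steps and the hash-then-sign scheme described earlier, as an added Python model (an illustration written for this text, not code from the application). Assumptions: the Card class, the weighted-difference matcher with its weights and threshold, SHA-256 as the one-way hash, and unpadded RSA are choices made for the example; because e is drawn from three well-known values it is treated as the published exponent, and d is the value that stays on the card.

```python
# Added illustration, not code from the patent application. Assumptions: SHA-256
# as the one-way hash, unpadded RSA (a deployed signer would add a padding
# scheme such as RSASSA-PSS), and a hypothetical weighted-difference matcher.
import hashlib
import secrets

def is_probable_prime(n, rounds=40):
    """Miller-Rabin test; a composite passes with probability <= 4**-rounds."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:                      # n - 1 = 2**s * d with d odd
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)   # random base in [2, n-2]
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                   # this base proves n composite
    return True

def random_prime(bits):
    while True:
        # Set the two top bits (so p*q has full length) and the low bit (odd).
        candidate = secrets.randbits(bits) | (0b11 << (bits - 2)) | 1
        if is_probable_prime(candidate):
            return candidate

def egcd(a, b):
    """Extended Euclid: (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0

def generate_rsa(bits=1024):
    """Return (n, e, d) with e in {3, 17, 65537} and e*d == 1 mod (p-1)(q-1)."""
    if bits < 512:
        raise ValueError("modulus must be longer than the 256-bit digest")
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        if p == q:
            continue
        phi = (p - 1) * (q - 1)
        for e in (3, 17, 65537):
            g, x, _ = egcd(e, phi)
            if g == 1:
                return p * q, e, x % phi
        # None of the three exponents is coprime to phi: draw new primes.

def digest(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def verify(message, signature, public):
    """Recipient side: signature**e mod n must equal the recomputed digest."""
    n, e = public
    return pow(signature, e, n) == digest(message)

class Card:
    """Software model of the card; on real hardware _d never leaves the chip."""

    def __init__(self, weights, threshold):
        self._weights, self._threshold = weights, threshold
        self._template = self._n = self._d = None

    def enroll(self, samples, bits=1024):
        """Enrollment mode: store the template, then generate the key pair."""
        if self._template is not None:
            raise RuntimeError("card is already enrolled")
        self._template = [sum(col) / len(samples) for col in zip(*samples)]
        self._n, e, self._d = generate_rsa(bits)
        return self._n, e                  # only the public key is exported

    def _matches(self, features):
        if len(features) != len(self._template):
            return False                   # a short vector must not score low
        score = sum(w * abs(f - t) for w, f, t in
                    zip(self._weights, features, self._template))
        return score <= self._threshold

    def sign(self, message, features):
        """Signing mode: sign only if the fresh sample matches the template."""
        if self._template is None or not self._matches(features):
            return None                    # unidentified user: process ends
        return pow(digest(message), self._d, self._n)
```
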

In order for the process to be secure it is recommended that the biometric data analyzer 
200, the random number generator 204, the private key 224 and the encryption module 208 be 
embedded into the card in a tamperproof way. The fact that the private key 224 is inaccessible 
provides security to the system. The one-way hash function 212 and the public key 220 are shared 
with the recipients of the message in order to decrypt the signature and to compare the message 
digest with the decrypted signature, accordingly it is not necessary to have the one-way hash 
function 212 nor the message digest 232 be embedded into the smart card 100. However, 
depending on the application considered, it might be preferable to generate the message digest on 
the smart card 100. For example, the smart card 100 could also be used to verify other user's 
signatures, in which case it will be convenient to store the one way hash function 212 in the smart 
card 100 to be able to verify and create message digests. Incorporating the biometric data analyzer 
200 into the smart card 100 is advantageous because it provides for an additional level of security. 
Any attempt to simulate the biometric data is extremely difficult because the details of the 
25 biometric data and the analysis algorithms are embedded into the smart pard 100 and are unknown 
to a fraudulent user. 
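The enrollment, signing and verification flow described above, as an added Python sketch that is not code from the patent. It assumes SHA-256 for the one-way hash function 212, unpadded textbook RSA with short keys for the encryption module 208, and a bit-difference threshold for the biometric match; `SmartCard`, `MATCH_THRESHOLD`, `digest` and `verify` are hypothetical names, and a production signer would use a padded scheme such as RSA-PSS with full-size keys.

```python
import hashlib
import secrets

E = 65537            # public exponent (assumption; the page names no algorithm)
MATCH_THRESHOLD = 8  # max differing bits accepted as a match (hypothetical)

def _is_prime(n, rounds=24):
    """Miller-Rabin probabilistic primality test."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        squares = (pow(x, 2**i, n) for i in range(r))
        if x != 1 and n - 1 not in squares:
            return False  # witness found: n is composite
    return True

def _random_prime(bits):
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if c % E != 1 and _is_prime(c):  # keeps E invertible mod (c - 1)
            return c

def digest(message):
    """D = H(M); SHA-256 stands in for the one-way hash function 212."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

class SmartCard:
    def enroll(self, template):
        """Enrollment mode: store the template, create keys, export only the public key."""
        p, q = _random_prime(192), _random_prime(192)  # demo size, far too short for real use
        self._template, self._n = template, p * q
        self._d = pow(E, -1, (p - 1) * (q - 1))  # private key never leaves the card
        return self._n, E

    def sign(self, message, sample):
        """Signing mode: encrypt D = H(M) with the private key only after a biometric match."""
        diff = sum(bin(a ^ b).count("1") for a, b in zip(self._template, sample))
        if len(sample) != len(self._template) or diff > MATCH_THRESHOLD:
            return None  # biometric data not identified: the process ends
        return pow(digest(message), self._d, self._n)

def verify(message, signature, public_key):
    """Recipient side: decrypt the signature with the public key and compare with H(M)."""
    n, e = public_key
    return pow(signature, e, n) == digest(message)
```

The host only ever sees the return values of `enroll` and `sign`; the template and private exponent stay in the object that models the tamper-resistant card.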

The digital signature can be added to any message or any electronic document. The use of 
the smart card 100 opens a vast area of applications ranging from electronic signatures on bilateral 
and multilateral transactions, electronic notary services, electronic authorizations for financial 
transactions in banking and trading, payments for electronic commerce, payments for electronic
auctions, payments for access to electronic services, and more generally all activities requiring the 
identification of a user requesting or performing an electronic transaction. 

By using the random key generator 204 and the encryption module 208, the private key 
224 does not need to be stored in a host computer. Further, the user biometrics verification process 
is advantageous

the fact that if the smart card 100 is stolen

of little value. The user and the device are required to generate the digital signature.

While the above detailed description has shown, described, and pointed out novel features 
of the invention as applied to various embodiments, it will be understood that various omissions, 
substitutions, and changes in the form and details of the device or process illustrated may be made
by those skilled in the art without departing from the scope of the invention. The scope of the 
invention is indicated by the appended claims rather than by the foregoing description. All 
changes which come within the meaning and range of equivalency of the claims are to be 
embraced within their scope. 

1. A method of generating a digital signature, the method comprising:
generating a public and a private key on a secure device;
storing biometric information indicative of a user in the secure device;
receiving biometric information indicative of the user; and
comparing the stored biometric information with the received biometric
information on the secure device, and
if the comparison is successful, generating a digital signature for a message.

2. The method of Claim 1, wherein the secure device is portable.

3. The method of Claim 1, wherein the secure device is a smart card.

4. The method of Claim 1, additionally comprising generating a digital certificate 
that includes an identifier associated with the secure device. 

5. A system for generating a digital signature, the system comprising:
means for generating a public and a private key on a secure device;
means for storing biometric information indicative of a user on the secure device;
means for receiving biometric information indicative of the user; and
means for comparing the stored biometric information with the received biometric
information on the secure device, and if the comparison is successful, generating a digital
signature for a message.

6. The system of Claim 5, additionally comprising means for generating a digital
certificate that includes an identifier associated with the secure device.

7. The system of Claim 5, wherein the secure device is portable. 

8. The system of Claim 5, wherein the secure device is a smart card. 

9. A method of generating a digital signature, the method comprising:
storing biometric information in a secure and portable device; and
generating, with the biometric information, a public key and a private key on the
secure and portable device.

10. The method of Claim 9, additionally comprising:
receiving a message; and
generating a digital signature for the message using, at least in part, the private
key.

11. The method of Claim 9, wherein the device includes a unique device identifier that
is associated with the generated public and private keys.

12. A secure device for generating a digital signature, the secure device comprising:
a module configured to generate a public and a private key on a secure device;
a memory configured to store biometric information

secure device; and
a biometric data analyzer configured to receive biometric information indicative of
the user, and wherein the biometric data analyzer is configured to compare the stored
biometric information with the received biometric information on the secure device, and if
the comparison is successful, the biometric data analyzer generates a digital signature for a
message.

13. The secure device of Claim 12, wherein the secure device is portable.

14. The secure device of Claim 12, wherein the secure device is a smart card.

15. A secure device, comprising:

a biometrics processor configured to process biometric data and configured to 
authenticate the identity of a user; 

a biometrics interface for receiving biometric data and transmitting the biometric 
data to the biometrics processor; 
a card reader interface for transmitting at least one message to an electronic
device; and
a cryptoprocessor for generating a digital signature for the message;
wherein the secure device transmits the generated digital signature to the electronic
device via the card reader interface subsequent to the biometric processor authenticating
the identity of the user.

16. The secure device of Claim 15, wherein the secure device is a smart card. 

17. The secure device of Claim 15, wherein the secure device is portable. 

18. The secure device of Claim 15, wherein the secure device transmits to the
electronic device an electronic certificate that includes an identifier that is associated with the
secure device.

19. A method of generating a digital signature on a smart card, comprising:
generating a public key on a portable smart card;
generating a private key on the portable smart card;
storing the private key in a tamperproof memory in the portable smart card;
storing biometric information indicative of a user in the portable smart card;
receiving biometric information indicative of the user at the portable smart card;
comparing the stored biometric information with the received biometric
information on the portable smart card, and if the comparison is successful, generating a
digital signature for a message, wherein the digital signature includes an encrypted
message digest of the message, and wherein the digital signature is encrypted, at least in
part, using the generated private key; and
transmitting the generated digital signature to a remote electronic device.

20. The method of Claim 19, wherein the digital signature is transmitted with the
message to a remote electronic device.

21. The method of Claim 20, additionally comprising:
receiving the message and the digital signature; 
decrypting the digital signature with the public key; and 
authenticating the message. 

22. A system for generating a digital signature, the system comprising:
means for registering biometric information in a secure device; and
means for generating a public key and a private key on the secure device in
conjunction with the biometric information.

23. The system of Claim 22, additionally comprising:
means for receiving a message; and
means for generating a digital signature for the message using at least in part the
private key.

24. A system, comprising: 
a network;
at least one biometric input device; and

a device configured to provide a digital signature to another device via the network 
in response to authenticating the identity of a user. 


